CVE-2020-27825

A use-after-free flaw was found in kernel/trace/ringbuffer.c in Linux kernel before 5.10-rc1. There was a race problem in traceopen and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem DOS. This flaw could even allow a local attacker with special use...

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2020-0095)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in...

Making Sense of the Security Sensor Landscape

We have a serious sensor problem in the cybersecurity world. And it’s bad. Particularly when it comes to network intrusion detection and prevention sensors IDS/IPS. It seems like many security operations center SOC teams have completely given up on them being effective. But is the problem with...

SSL VPN : Intranet Applications connectivity break on port 3389 and port 22 after upgrade

After Update to 64.35 the SSL Client send TCP FIN ACK to the Server. This problem is not reported on 13.0.58.32, 13.0.61.48. There is no issue with accessing the Intranet Applications. 13.0.64.35, and 13.0.67.39, the connectivity to port 3389 and port 22 breaks...

SUSE-SU-2020:3402-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2412 fixes several issues. The following security issues were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724, bsc1177729, bsc1178397. - CVE-2020-25645: Fixed an an issue in IPsec th...

Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs

Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises...

Target device boot issue from PVS server - vDisk cannot be accessed (a).

When booting the target device from vDisk we get the following error on pre-boot screen: "vDisk cannot be accessed a."...

App Layering - User layer is not getting attached on logon. Error "We were unable to determine the status of your layers..."

...

Jira Service Desk permissions error dialog allows Project Admins to upgrade the permission scheme

h3. Issue Summary For a specific use case, only some selected users may create issues using the Portal, so the permission to create issues by "Service Desk Customer - Portal" was removed. After the Permission change, Project Administrators, that should not have access to change the...

CVE-2020-26160

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with string for m"aud" which is allowed by the specification. Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lac...

CVE-2020-26160

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with string for m"aud" which is allowed by the specification. Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lac...

Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2020-2057)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : cairo (EulerOS-SA-2020-2057)

According to the versions of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in cairo 1.16.0. There is an assertion problem in the function cairoarcindirection in the file cairo-arc.c.CVE-2019-6461 ...

Joining Storefront to Server Group Error "Cannot Join Server Group"

Error when trying to add second SF server to existing group: "Cannot join server group There was a problem connecting to the authorizing server. Verify the server name and try again." Joining Storefront Server will show the following Event under "Citrix Delivery Services Logs " Log Name: Citrix...

Digital Transformation Insights for Security Leaders

Digital transformation, especially in the cloud, is changing the way we solve problems. With new services, tools, and techniques surfacing every day, how do you navigate through it all?...

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.

...

The skinny on the Instacart breach

The COVID-19 outbreak has affected many facets of our lives—from how we visit our families, socialize with friends, meet with colleagues, to how we should be conducting ourselves outside of our homes. Ideally, a few meters apart from everyone else and with a mask on. These—on top of imposed...

CVE-2020-16843

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on whi...

Six Hundred Million Reasons to Celebrate: No More Ransom Turns FOUR!!

ARCHIVED STORY Six Hundred Million Reasons to Celebrate: No More Ransom Turns FOUR!! By John Fokker · July 27, 2020 Happy Birthday! Today we mark the fourth anniversary of the NoMoreRansom initiative with over 4.2 million visitors, from 188 countries, stopping an estimated $632 million in ransom...

openSUSE Security Update : opera (openSUSE-2020-917)

This update for opera fixes the following issues : Opera was updated to version 68.0.3618.104 - CHR-7909 Update chromium on desktop-stable-81-3618 to 81.0.4044.138 - CVE-2020-6831, CVE-2020-6464 - DNA-85609 Mac Tabs shrinking & disappearing - DNA-85629 Crash at...